I know what you guys mean. It just takes too much time to patch and protect yourself, not to mention the 1000 other users in your network. Even with patch management tools and remote deployment software installed on your network, it still takes too bloody long to make sure everything is up to date. Throw in the 200 mobile users that use notebooks and work from outside or from home and you have a major pain in the a$$.

I myself just got infected by trojan.qhosts, as you can see from my thread. Probably just from visiting some website. And I update daily. I am still trying to figure out which website infected me. Spent about half an hour trying to clear up the mess.

New hacker sentencing guidelines...

Punishment will now fit the crime and there is no $5,000 damage threshold. In the past prosecutors had to show the criminal caused at least $5,000 in damage. They can now use costs of restoring data, fixing security holes, damage assessments and revenue loss into the total damage calc. Hmm.

RE: Survival

New article in Washington Post that just came out where the govt is increasing the punishment for convicted computer hackers.

Punishment will now fit the crime and there is no $5,000 damage threshold. In the past prosecutors had to show the criminal caused at least $5,000 in damage. They can now use costs of restoring data, fixing security holes, damage assessments and revenue loss into the total damage calc. Hmm.

I hope this helps cool the creation and distribution of malware some.

Since everyone here likes analogies, this is what is going to happen...
Survival of the fittest. With this in place there will be fewer lamers writing virii (c/p code + modification)/virii toolkits. What will also happen is that the only people writing virii will be people who are so good at it that you will have incredibly large problems unless you develop a "vaccine".

Bacteria A infects a town. The doctor uses penicillin and all is well. Unknown to him and the others though Bacteria B mutated into Bacteria AB, which is penicillin resistant... and this process continues. The fine will only deter skiddies, not hardcore blackhats. Sorry.

Just an observation/question... have there ever been any kind of studies done that differentiate between damage caused by skiddies, and damages caused by "hardcore" blackhats?

From what I've seen (which is limited), don't the majority of the problems come from skiddies? (I kinda like that word, reminds me of something you would find in your underwear)..sorry, I digress..

Anyway, if you can knock the children out of the equation, wouldn't that be almost like curing the common cold? Sure, there's plenty of other new fun diseases to discover, but at least serious effort could be directed there, instead of those minor annoyances.

I believe that the lifting of fixed penalties etc. will deter the skiddies (skidmarks?), or at least make their parents a little more interested in what they are doing. $$$$$$$$$$$ are great motivators.

I have often wondered how these things get spread so far and so quickly. I suspect that serious blackhats must have their disciples who go and do the work for them? As well as copying source and modifying it into variants?

I agree with groovicus that if you can stop the distribution agents you will have won a major phase of the battle.

On the other hand, PM8228 has a point in that there will always be the serious blackhats. These people are social deviants/misfits or whatever. It is just like you will always have rapists and murderers, or any other crime where the perp. does not receive any material gain? Punishment might deter the fainthearted, but most criminalists seem to think that it is the certainty of being caught that is the real deterrent?

I am not worried about virus generation toolkits. They take a comparatively long time to write, and as soon as they are distributed they fall into the hands of the AV providers, who will quickly produce a generic solution. I think that the production of a generator that does not have a distinctive pattern must be the greatest challenge to blackhats? No one has managed it yet AFAIK.

I think that the legislation can go further to include the owners of websites that host blackhat forums etc. I also feel that ISPs have been less than enthusiastic regarding their potential contribution to the fight?

There will always be the problem of Internationalism though? If a US citizen opens an offshore website, or uses an offshore e-mail provider, there is very little that domestic US legislation can do?

Just a few thoughts

Cheers

If you cannot do someone any good: don't do them any harm....
As long as you did this to one of these, the least of my little ones............you did it unto Me.
What profiteth a man if he gains the entire World at the expense of his immortal soul?

RE: "Material"

I am not worried about virus generation toolkits. They take a comparatively long time to write, and as soon as they are distributed they fall into the hands of the AV providers, who will quickly produce a generic solution. I think that the production of a generator that does not have a distinctive pattern must be the greatest challenge to blackhats? No one has managed it yet AFAIK.

Well, I am a coder, but I cannot/never tried to write a virus, so correct me if I am wrong, but virii toolkits have a bunch of code, then they just put it together and compile it to someone's specifications. The two ways I can think of that would allow for non-pattern files are
A) have a bunch of different code that does the same things
B) AI - Personally I think AI is sweet **** (not for virii), but it means you have to have like a million years of experience

I think that the legislation can go further to include the owners of websites that host blackhat forums etc. I also feel that ISPs have been less than enthusiastic regarding their potential contribution to the fight?

I am sorry Nihil (I just realized this means nothing in Latin, had a test on it today) but I disagree. Taking down someone's site, especially in the US, is against the constitution, and although the government is already turning it into a joke, there is a freedom to express one's self and opinions that I believe should be upheld.

PM8228, it is not ALWAYS against the constitution to take down a web site. (Certain forms of pornography come to mind.) While I do agree with the first amendment, IMHO, oftentimes it is taken too far, and out of context. The media blitz over our national do not call list is a good example of this.

1. Virus Generation kits must, by their very nature, have limited parameters......they will leave a pattern......I think I have about 3 of them somewhere (I was beta testing a South American AV product a while back). I have not noticed a "modern one". The reason is that they are too easy to generically protect against...so the considerable effort is not rewarded with the "impact". I guess I am suggesting that they are obsolete. There may be some worm generators around, I have not looked recently. These and trojan generators may still be valid, because the means of spreading is not viral? And they tend to rely on human frailty or software weaknesses? I believe that the task is very difficult, and AI is well beyond me. Recent trends suggest that skiddies just take existing code and modify it?

2. There are some websites that extol the use of malware, and distribute such materials. I do not think that such activity is protected by any amendment to the Constitution of the USA? It is hardly "expressing opinion"? I guess that it is like groovicus's comparison to child pornography. Similarly you do not have the "democratic right" to commit treason?

OK there are a lot of "grey areas", but it is the skiddie sites I am referring to. Real "pro's" would not go near these......they just provide ammunition to nuisance makers?.......I would actually not be surprised if a lot of "black hats" would like to see these sites disappear?

BTW....In my country, "incitement to commit a crime" is a crime in itself..........how about the USA?

Cheers

However, one would have to prove actual intent to commit a crime, and that would take a clever prosecutor.

The problem is that by stating that "any info here is for educational purposes only" (or similar crap), the first amendment comes into effect. The ISP and web-master are effectively absolved of blame and recompense from any harm resulting from materials stored on their server/property.

EDIT: I'll have to give a little thought about what a black-hat may think. Were it me, I guess I would welcome the skiddie activity because it makes an effective smokescreen.